Hi, I want to remove/prohibit some permissions for Superadmin(Host user) in the seed method. For host user, all permissions from AppAuthorizationProviderare granted. How can we prohibit some permissions for host user in seed method only?
This is how we grant permissions in seed method:
var permissions = PermissionFinder
.GetAllPermissions(new AppAuthorizationProvider(true))
.Where(p => p.MultiTenancySides.HasFlag(MultiTenancySides.Host))
.ToList();
foreach (var permission in permissions)
{
if((permission.Parent!=null && permission.Parent.Name != AppPermissions.Pages_Companies)
||
(permission.Name != AppPermissions.Pages_Companies))
{
_context.Permissions.Add(
new RolePermissionSetting
{
TenantId = null,
Name = permission.Name,
IsGranted = true,
RoleId = adminRoleForHost.Id
});
}
}
Thanks.
3 Answer(s)
-
0
Hi,
Just insert a UserPermissionSetting record after admin user of host is created in the SeedHelper. Something like this:
_context.SaveChanges(); _context.Permissions.AddRange( permissions.Select(permission => new UserPermissionSetting { TenantId = null, Name = permission.Name, IsGranted = false, UserId = adminUserForHost.Id }) ); -
0
Thanks @ismcagdas, I guess it will not grant any of the permissions for host user but, I want to remove only some permissions for host user, not all of them. So, is there something like we set some flag/parameter for permissions so that we can identify at the time of granting the permission which must be granted and which must be not.
I am actually thinking of overriding the CreateChildPermission() and set some flag, but I don't have the implementation of CreateChildPermission().
Thanks
-
0
@bolenton I understand now.
In that case, first you need to extend Permission entity and add your flag field to it. Then, create an extension method for Permission. Add your new class into given permisison's childrens.
Another way would be defining a list of permissions you wan to prohibit (List<string>), and check them in the Seed method and prohibit accordingly.
